WO 2004/019585 



PCT/GB2003/003668 



8 

Claims 

1 . A method for use in the monitoring of communications traffic, 
comprising the step of recording the said traffic and storing the 
recorded traffic in an encrypted data format such that the data can 
be decrypted only by means of keys that exhibit restricted 
availability. 

2. A method as claimed in Claim 1 and arranged to employ a spare 

t 

disk and/or CPU capacity within a telecommunications system. 

3. A method as claimed in Claim 1 or 2 and including the step of 
including encrypted search conditions within the decryption keys that 
are made selectively available. 

4. A method as claimed in Claim 1, 2 or 3, and including the step of 
employing separate levels of authorisation for access to the stored 
data. 

5. A method as claimed in any one or more of Claims 1-4, and 
including the step of employing a decryption key that is useable only 
once. 

6. A method as claimed in any one or more of the preceding claims, 
and including the step of logging all accesses to the stored data to 
an encrypted secure audit trail. 

7. A method as claimed in any one or more of the preceding claims 
and including a tamper detection reference within the encrypted 
data. 
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8. A method as claimed in any one or more of the preceding claims, 
and including the step of monitoring all the available 
communications traffic. 

9. A method as claimed in Claim 8 and when the step of storing the 
recorded traffic comprises the step of recording all of the recorded 
traffic. 

10. A method as claimed in any one or more of the preceding claims, 
wherein the communications traffic to be recorded comprises traffic 
through a telecommunications switch, router or gateway. 

11. A method as claimed in any one or more of the preceding claims, 
and including the step of encrypting details relating to the 
communications traffic and storing the said encrypted details for 
subsequent access. 

12. A method as claimed in any one or more of the preceding claims 
and including the step of authorising use of the required decryption 
key in a restricted manner. 

13. A system for use in the monitoring of communications traffic, 
including means for recording the said traffic and means for storing 
the recorded traffic as encrypted data, such that the recorded data 
can be decrypted only by means of keys that exhibit restricted 
availability. 

14. A system as claimed in Claim 13 and arranged with means for 
executing the method steps of any one or more of Claims 2-12. 
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15. A method for use in the monitoring of telecommunications traffic 
substantially as hereinbefore described with reference to, and as 
illustrated in the accompanying drawing. 

16. A system for use in the monitoring of telecommunications traffic 
substantially as hereinbefore described with reference to, and as 
illustrated in the accompanying drawing. 



